295da80f20c3f61d341e06f788dcc6836f1185816368f51fab8b086be60e89d4 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

295da80f20c3f61d341e06f788dcc6836f1185816368f51fab8b086be60e89d4
Size

20KB
MD5

063ec2501919ac7f12a7a76ea1148cc2
SHA1

fb4d815b1e275d57a30b548cb37b52129c4d96dd
SHA256

295da80f20c3f61d341e06f788dcc6836f1185816368f51fab8b086be60e89d4
SHA512

d5581a3cf80ecdfd388ee3262aed649d161fbd964771d744194e59b6d794b9d3a3aab6ed1c9d39af4f7e755e44b2666c43a386aad2f5b1dc70ff1ec04bcb7d4f
SSDEEP

192:jiqxUsINsfDufOCotMgWOxCx2RgerlT5r6brm61oynbV2Xkcxzn/HD:jzUskhJgWOxtRNr6b6616Xkcxjb

Score

N/A

Malware Config

Signatures

Files

295da80f20c3f61d341e06f788dcc6836f1185816368f51fab8b086be60e89d4
.exe windows x86

c42004e35d9e778f5f1166904d2966af

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetProcAddress
LoadLibraryA
Sleep
GlobalFree
GlobalAlloc
FreeLibrary
GetSystemDefaultUILanguage
CreateProcessA
DeleteFileA
CreateThread
InterlockedExchange
CloseHandle
GetLastError
GetStartupInfoA
GetModuleHandleA

user32

wsprintfA

msvcrt

_exit
sprintf
strncpy
strcspn
strstr
??2@YAPAXI@Z
atoi
__CxxFrameHandler
_CxxThrowException
??3@YAXPAX@Z
??1type_info@@UAE@XZ
_XcptFilter
exit
_acmdln
__getmainargs
_initterm
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
__set_app_type
_except_handler3
_controlfp

ws2_32

htons
setsockopt
WSAStartup
socket
send
connect
WSAIoctl
__WSAFDIsSet
closesocket

Sections

.text
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE